Endpoint Manager Cloud Services Appliance

endpoint_manager_cloud_services_appliance

Vendor: Ivanti • 5 CVEs

CVEs (5)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-9381 1Ivanti 1Endpoint Manager Cloud Services Appliance Oct 16, 2024 Oct 8, 2024 N/A· v4 7.2 HIGH· v3 N/A· v2 Path traversal in Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to bypass restrictions.
CVE-2024-9380 1Ivanti 1Endpoint Manager Cloud Services Appliance Oct 24, 2025 Oct 8, 2024 N/A· v4 7.2 HIGH· v3 N/A· v2 An OS command injection vulnerability in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to obtain remote code execution.
CVE-2024-9379 1Ivanti 1Endpoint Manager Cloud Services Appliance Oct 24, 2025 Oct 8, 2024 N/A· v4 7.2 HIGH· v3 N/A· v2 SQL injection in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to run arbitrary SQL statements.
CVE-2024-8963 1Ivanti 1Endpoint Manager Cloud Services Appliance Oct 24, 2025 Sep 19, 2024 N/A· v4 9.1 CRITICAL· v3 N/A· v2 Path Traversal in the Ivanti CSA before 4.6 Patch 519 allows a remote unauthenticated attacker to access restricted functionality.
CVE-2021-44529 1Ivanti 1Endpoint Manager Cloud Services Appliance Nov 3, 2025 Dec 8, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A code injection vulnerability in the Ivanti EPM Cloud Services Appliance (CSA) allows an unauthenticated user to execute arbitrary code with limited permissions (nobody).